lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 10 May 2021 11:53:09 -0700
From:   "H. Peter Anvin" <hpa@...or.com>
To:     Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Borislav Petkov <bp@...en8.de>,
        Andy Lutomirski <luto@...nel.org>
Cc:     "H. Peter Anvin" <hpa@...or.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: [RFC v2 PATCH 0/6] x86/entry: cleanups and consistent syscall number handling

From: "H. Peter Anvin (Intel)" <hpa@...or.com>

This patchset:

1. Cleans up some duplications between <entry/calling.h> and <asm/ptrace-abi.h>.

2. Swaps the arguments to do_syscall_64() for consistency *and* speed.

3. Adds the maximum number of flags to MSR_SYSCALL_MASK; the previous
   is more of a minimum. The more flags that are masked, the less the
   likelihood of a control leak into the kernel.

4. Consistently treat the system call number as a signed int. This is
   what syscall_get_nr() already does, and therefore what all
   architecture-independent code (e.g. seccomp) already expects.

5. As per the defined semantics of syscall_get_nr(), only the value -1
   is defined as a non-system call, so comparing >= 0 is
   incorrect. Change to != -1.

6. Call sys_ni_syscall() for system calls which are out of range
   except for -1, which is used by ptrace and seccomp as a "skip
   system call" marker) just as for system call numbers that
   correspond to holes in the table.

7. In <entry/calling.h>, factor the PUSH_AND_CLEAR_REGS macro into
   separate PUSH_REGS and CLEAR_REGS macros which can be used
   separately if desired. This will be used by the FRED entry code at
   a later date.

Changes from v1:

* Only -1 should be a non-system call per the cross-architectural
  definition of sys_ni_syscall().
* Fix/improve patch descriptions.

--- 
 arch/x86/entry/calling.h       | 45 ++++++--------------------
 arch/x86/entry/common.c        | 71 ++++++++++++++++++++++++++++--------------
 arch/x86/entry/entry_64.S      |  4 +--
 arch/x86/include/asm/syscall.h | 13 ++++----
 arch/x86/kernel/cpu/common.c   | 12 +++++--
 arch/x86/kernel/head_64.S      |  6 ++--
 6 files changed, 77 insertions(+), 74 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ